In April of 2018, the Department of State informed Pennsylvania counties they had until the end of 2019 to select new voting systems that provide a paper record. So far at least 53 counties, or 79%, have taken official action toward selecting a new voting system, and 45 counties, or 67%, used these new voting systems during Tuesday's elections.
Aside from the new voting systems providing a paper trail for accurate recounts and auditing if necessary, some other election security defenses include:
- All certified voting systems in Pennsylvania, including the election management system and vote-tallying components, are never connected to or permitted on internet-facing networks, which significantly decreases opportunities to be hacked.
- Precinct election results are not submitted through a network. They are physically delivered to county election officials and later certified to the state.
- Counties strictly secure their voting systems. Every county election board inspects and tests each piece of voting and tabulating equipment before an election and places locks with tamper-evident seals on all voting machine access points.
- Pennsylvania has partnered with the U.S. Department of Homeland Security to conduct multiple comprehensive vulnerability and other cyber assessments of the Commonwealth’s cybersecurity posture. The Department of State has also provided counties with security training, including in-depth tabletop and mock election exercises, anti-phishing protection, and many other resources.
- The Commonwealth utilizes multiple layers of protection, including 24/7 continuous network monitoring, firewalls, encryption, password protection, multi-factor authentication, and continuity of operations (COOP) planning, among other controls to protect our systems. There is no evidence the voter rolls or vote results have ever been hacked or compromised.
- Following this election, Pennsylvania will pilot a cutting-edge security measure, the risk limiting audit in Philadelphia and Mercer counties to check the accuracy of election outcomes.
Security was a top priority during Tuesday's municipal elections, and acting Secretary of State Kathy Boockvar and Christopher C. Krebs, director of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), assured Pennsylvanians that a network of federal, state and local partnerships was safeguarding the election process. State election experts, security professionals, department staff, call center volunteers, and emergency personnel all monitored the Tuesday municipal elections from the Pennsylvania Emergency Management Agency (PEMA).
“Election security is a top priority for CISA. Americans should have confidence that they are the ones picking their leaders and deciding elections without concern about foreign interference. Acting Secretary Boockvar and her team have been strong partners in this effort and continue to lead with their move to auditable systems and investment in election systems,” Krebs said.
“Voters have a role to play too. We know that foreign adversaries seek to influence public sentiment and may seek to spread wrong information during the election. I encourage everyone to ignore the noise and get election information straight from the source—from the Secretary of State’s office or their local election office.”
The Pennsylvania Department of State also works closely with county election officials and Boards of Elections, the Center for Internet Security (CIS), and other key partners to maintain and enhance the security of the election process.
“With the concerns that we have seen nationally surrounding election security, it is imperative that all state agencies are working together here in Pennsylvania,” said Marcus Brown, director of the state’s Office of Homeland Security.